<?php
include("../../includes/db_connect.php");
include("../../includes/safefunctions.php");
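session_start();

// Grade entry page. A POST with "submit" stores one grade and prints a status
// message inside <div id="result">; any other request renders one table per
// course with a grade selector for every student in the course's class.
//
// NOTE(review): nothing visible in this file checks who is logged in or whether
// that user may grade the submitted course/student, and the POST handler carries
// no CSRF token. The page lists names and personal identity numbers (pnr) and
// writes grades, so confirm both controls exist in the included files or add
// them before this endpoint is reachable.

if (isset($_POST["submit"])) {
	echo "<div id=\"result\">";

	// Missing or array-valued fields (e.g. courseId[]=x) are treated as empty
	// instead of being passed on to safety()/trim().
	$fields = array();
	foreach (array("courseId", "userId", "grade") as $key) {
		$fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
	}
	$grade = trim($fields["grade"]);

	// Only the values the form offers are stored (0 = IG, 1 = G, 2 = VG).
	// ctype_digit() used to accept any digit string. "-" and other values are
	// ignored and leave the result box empty.
	$gradeAllowed = in_array($grade, array("0", "1", "2"), true);

	if ($gradeAllowed && $fields["courseId"] !== "" && $fields["userId"] !== "") {
		// safety() is defined in safefunctions.php and is not visible here; it is
		// kept for whatever filtering it already does.
		// NOTE(review): if it SQL-escapes, drop it now that the values are bound
		// as parameters, to avoid double escaping.
		$courseId = safety($fields["courseId"]);
		$userId = safety($fields["userId"]);

		$saved = false;
		$exists = false;

		// All values travel as bound parameters, never as part of the SQL text.
		$lookup = $db->prepare("SELECT 1 FROM grades WHERE courseId = ? AND userId = ?");
		if ($lookup && $lookup->bind_param("ss", $courseId, $userId) && $lookup->execute()) {
			$lookup->store_result();
			$exists = $lookup->num_rows > 0;
			$lookup->close();

			// Same parameter order for both statements so one bind call serves either.
			$sql = $exists
				? "UPDATE grades SET grade = ? WHERE courseId = ? AND userId = ?"
				: "INSERT INTO grades (grade, courseId, userId) VALUES (?, ?, ?)";
			$write = $db->prepare($sql);
			if ($write && $write->bind_param("sss", $grade, $courseId, $userId)) {
				$saved = $write->execute();
				$write->close();
			}
		}

		// The UPDATE path used to report success without checking the query result.
		if (!$saved) {
			echo "Kunde inte sätta betyg, kontakta admin";
		} elseif ($exists) {
			echo "Ändrade Betyg";
		} else {
			echo "Satte nytt betyg";
		}
	}
	echo "</div>";
} else {
	echo "<div id=\"result\"></div>";

	// HTML-escape a value before it is placed in element content or an attribute.
	// Assumes the page and the DB connection use UTF-8 — TODO confirm in db_connect.php.
	$h = function ($value) {
		return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
	};

	// Courses of the session's class when one is set, otherwise every course.
	// !empty() keeps the original truthiness test without an undefined-index notice.
	$courseQuery = false;
	if (!empty($_SESSION["classId"])) {
		$sessionClassId = (string)$_SESSION["classId"];
		$courseStmt = $db->prepare("SELECT id, name, classId FROM courses WHERE classId = ?");
		if ($courseStmt && $courseStmt->bind_param("s", $sessionClassId) && $courseStmt->execute()) {
			// get_result() requires the mysqlnd driver.
			$courseQuery = $courseStmt->get_result();
		}
	} else {
		$courseQuery = mysqli_query($db, "SELECT id, name, classId FROM courses");
	}

	$gradeLabels = array("0" => "IG", "1" => "G", "2" => "VG");
	$tables = "";
	$formId = 0;

	// bind_param() binds by reference: the statements are prepared once and pick
	// up the current values of these variables on every execute().
	$classId = "";
	$courseId = "";
	$userId = "";
	$userStmt = $db->prepare("SELECT id, firstname, lastname, pnr FROM users WHERE classId = ?");
	$gradeStmt = $db->prepare("SELECT moment, grade FROM grades WHERE courseId = ? AND userId = ?");

	if ($courseQuery && $userStmt && $gradeStmt
		&& $userStmt->bind_param("s", $classId)
		&& $gradeStmt->bind_param("ss", $courseId, $userId)) {
		while ($course = $courseQuery->fetch_assoc()) {
			$classId = (string)$course["classId"];
			$courseId = (string)$course["id"];
			$users = $userStmt->execute() ? $userStmt->get_result() : false;

			$tables .= "<h2>" . $h($course["name"]) . "</h2><table>";
			while ($users && ($user = $users->fetch_assoc())) {
				$userId = (string)$user["id"];
				$gradeRows = $gradeStmt->execute() ? $gradeStmt->get_result() : false;
				$current = $gradeRows ? $gradeRows->fetch_assoc() : null;
				if ($gradeRows) {
					$gradeRows->free();
				}
				// Prepared statements return native column types, so the stored
				// grade is compared as a string; NULL or no row selects nothing.
				$stored = ($current && $current["grade"] !== null) ? (string)$current["grade"] : null;
				$formAttr = "form=\"formEducation$formId\"";

				$tables .= "<tr>";
				$tables .= "<td>" . $h($user["firstname"]) . " " . $h($user["lastname"]) . "</td>";
				$tables .= "<td>" . $h($user["pnr"]) . "</td>";
				$tables .= "<td><select method=\"POST\" $formAttr name=\"grade\">";
				$tables .= "<option value=\"-\">-</option>";
				foreach ($gradeLabels as $value => $label) {
					$selected = ((string)$value === $stored) ? " selected='selected'" : "";
					$tables .= "<option value=\"$value\"$selected>$label</option>";
				}
				$tables .= "</select></td>";
				// The hidden fields sit inside the last cell; they used to be
				// emitted between table rows, which is not valid table content.
				$tables .= "<td><input $formAttr type=\"submit\" name=\"submit\" value=\"Ändra betyg\">";
				$tables .= "<input $formAttr type=\"hidden\" name=\"userId\" value=\"" . $h($userId) . "\">";
				$tables .= "<input $formAttr type=\"hidden\" name=\"courseId\" value=\"" . $h($courseId) . "\"></td>";
				$tables .= "</tr>";
				++$formId;
			}
			$tables .= "</table>";
		}
	}

	// One empty form per rendered row, still placed ahead of the tables. The old
	// count (students of the first course's class times number of courses) came
	// up short or long whenever the listed courses belonged to classes of
	// different sizes.
	for ($i = 0; $i < $formId; ++$i) {
		echo "<form id=\"formEducation$i\" class='formEducation'></form>";
	}
	echo $tables;
}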
?>

<script src="../script/jquery-1.11.1.min.js"></script>
<script src="../script/ajaxlinks.js"></script>
<script>
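// NOTE(review): the page loads jquery-1.11.1, a release line that no longer
// receives fixes; schedule an upgrade and retest ajaxlinks.js against it.

// Page-level state; currentPage is the URL the grade forms post back to.
var _SESSION = {};
_SESSION["currentPage"] = "setGrade.php";

// Submit each per-student form through getPage() (from ajaxlinks.js) and show
// the server's status message in #result without leaving the page.
$('form.formEducation').submit(function (e) {
	e.preventDefault();
	var form = this;

	// Encode every value so characters such as & or = cannot add or override
	// request parameters.
	var url = "submit=get";
	url += "&userId=" + encodeURIComponent(form["userId"].value);
	url += "&courseId=" + encodeURIComponent(form["courseId"].value);
	url += "&grade=" + encodeURIComponent(form["grade"].value);

	setTimeout(function () {
		var page = getPage(_SESSION["currentPage"], "POST", url);

		// NOTE(review): innerHTML parses the whole response even on a detached
		// node, so the server must keep escaping everything it prints.
		var tmpDiv = document.createElement("div");
		tmpDiv.innerHTML = page;
		var fresh = tmpDiv.querySelector("[id=result]");

		// The status message is plain text, so copy it as text rather than as
		// markup; a response without a result box clears the message.
		document.getElementById("result").textContent = fresh ? fresh.textContent : "";
	}, 1);
	return false;
});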
</script>